[systemd-devel] [PATCH 2/2] main: added support for loading IMA custom policies
Roberto Sassu
roberto.sassu at polito.it
Mon Feb 20 10:36:20 PST 2012
On 02/20/2012 06:14 PM, Lennart Poettering wrote:
> On Wed, 15.02.12 18:12, Roberto Sassu (roberto.sassu at polito.it) wrote:
>
>> The location of the policy file is not IMA dependent. I chose that
>> because it seemed to me the right place where to put this file.
>> So, i can easily modify the location to be distribution independent
>> but i don't known which directory would be appropriate.
>> Any proposal?
>
> /etc/ima.conf or /etc/ima/ima.conf sound like obvious candidates.
>
I prefer the first one, because the second pathname raises the problem
of creating a new subdirectory. However, i think we should keep the
word 'policy' in the file name to avoid users believe that is a
configuration file.
Once we define the new pathname, i will also create a patch for
the IMA module in dracut to make sure things work also for
distributions that do not have Systemd installed.
Thanks
Roberto Sassu
> Lennart
>
More information about the systemd-devel
mailing list